Screenshot instructions:
Windows
Mac
Red Hat Linux
Ubuntu
Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)
|
From: Mick <michaelkintzios@gm...> - 2011-11-30 21:58:00
Attachments:
signature.asc
|
Hi All, I have been trying to configure a laptop as a roadwarrior with ipsec- tools-0.7.3-r1 on a Gentoo box. The router (VPN server) is running mode_cfg and the client has "mode_cfg on". I've copied the scripts provided for the roadwarrior client in /etc/racoon/scripts, emptied /etc/ipsec from any spdadd entries (that I was experimenting with unsuccessfully earlier on) and fired up /etc/init.d/racoon. This is the error I get: ========================================== Nov 30 21:00:02 dell_xps racoon: INFO: Reading configuration from "/etc/racoon/racoon.conf" Nov 30 21:00:02 dell_xps racoon: DEBUG: call pfkey_send_register for AH Nov 30 21:00:03 dell_xps racoon: DEBUG: call pfkey_send_register for ESP Nov 30 21:00:03 dell_xps racoon: DEBUG: call pfkey_send_register for IPCOMP Nov 30 21:00:03 dell_xps racoon: DEBUG: reading config file /etc/racoon/racoon.conf Nov 30 21:00:03 dell_xps racoon: DEBUG2: lifetime = 28800 Nov 30 21:00:03 dell_xps racoon: DEBUG2: lifebyte = 0 Nov 30 21:00:03 dell_xps racoon: DEBUG2: encklen=256 Nov 30 21:00:03 dell_xps racoon: DEBUG2: p:1 t:1 Nov 30 21:00:03 dell_xps racoon: DEBUG2: AES-CBC(7) Nov 30 21:00:03 dell_xps racoon: DEBUG2: SHA(2) Nov 30 21:00:03 dell_xps racoon: DEBUG2: 1024-bit MODP group(2) Nov 30 21:00:03 dell_xps racoon: DEBUG2: pre-shared key(1) Nov 30 21:00:03 dell_xps racoon: DEBUG2: Nov 30 21:00:03 dell_xps racoon: DEBUG: hmac(modp1024) Nov 30 21:00:03 dell_xps racoon: DEBUG: compression algorithm can not be checked because sadb message doesn't support it. Nov 30 21:00:03 dell_xps racoon: DEBUG: getsainfo params: loc='ANONYMOUS', rmt='ANONYMOUS', peer='NULL', id=0 Nov 30 21:00:03 dell_xps racoon: DEBUG: getsainfo pass #2 Nov 30 21:00:03 dell_xps racoon: DEBUG2: parse successed. Nov 30 21:00:03 dell_xps racoon: DEBUG: open /var/lib/racoon/racoon.sock as racoon management. Nov 30 21:00:03 dell_xps racoon: DEBUG: my interface: fe80::226:b9ff:fe20:b49c%eth0 (eth0) Nov 30 21:00:03 dell_xps racoon: DEBUG: my interface: ::1 (lo) Nov 30 21:00:03 dell_xps racoon: DEBUG: my interface: 10.10.10.7 (eth0) Nov 30 21:00:03 dell_xps racoon: DEBUG: my interface: 127.0.0.1 (lo) Nov 30 21:00:03 dell_xps racoon: DEBUG: configuring default isakmp port. Nov 30 21:00:03 dell_xps racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports Nov 30 21:00:03 dell_xps racoon: DEBUG: 8 addrs are configured successfully Nov 30 21:00:03 dell_xps racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=7) Nov 30 21:00:03 dell_xps racoon: INFO: 127.0.0.1[500] used for NAT-T Nov 30 21:00:03 dell_xps racoon: INFO: 127.0.0.1[4500] used as isakmp port (fd=8) Nov 30 21:00:03 dell_xps racoon: INFO: 127.0.0.1[4500] used for NAT-T Nov 30 21:00:03 dell_xps racoon: INFO: 10.10.10.7[500] used as isakmp port (fd=9) Nov 30 21:00:03 dell_xps racoon: INFO: 10.10.10.7[500] used for NAT-T Nov 30 21:00:03 dell_xps racoon: INFO: 10.10.10.7[4500] used as isakmp port (fd=10) Nov 30 21:00:03 dell_xps racoon: INFO: 10.10.10.7[4500] used for NAT-T Nov 30 21:00:03 dell_xps racoon: INFO: ::1[500] used as isakmp port (fd=11) Nov 30 21:00:03 dell_xps racoon: INFO: ::1[4500] used as isakmp port (fd=12) Nov 30 21:00:03 dell_xps racoon: INFO: fe80::226:b9ff:fe20:b49c%eth0[500] used as isakmp port (fd=13) Nov 30 21:00:03 dell_xps racoon: INFO: fe80::226:b9ff:fe20:b49c%eth0[4500] used as isakmp port (fd=14) Nov 30 21:00:03 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Nov 30 21:00:03 dell_xps racoon: DEBUG: get pfkey X_SPDDUMP message Nov 30 21:00:03 dell_xps racoon: DEBUG2: Nov 30 21:00:03 dell_xps racoon: DEBUG: pfkey X_SPDDUMP failed: No such file or directory ========================================== Which file is it complaining about? What may be wrong with my set up? -- Regards, Mick |
|
From: Mick <michaelkintzios@gm...> - 2011-12-02 23:19:49
Attachments:
signature.asc
|
On Wednesday 30 Nov 2011 21:58:40 Mick wrote: > Hi All, > > I have been trying to configure a laptop as a roadwarrior with ipsec- > tools-0.7.3-r1 on a Gentoo box. The router (VPN server) is running > mode_cfg and the client has "mode_cfg on". > > I've copied the scripts provided for the roadwarrior client in > /etc/racoon/scripts, emptied /etc/ipsec from any spdadd entries (that I was > experimenting with unsuccessfully earlier on) and fired up > /etc/init.d/racoon. This is the error I get: > ========================================== > Nov 30 21:00:02 dell_xps racoon: INFO: Reading configuration from > "/etc/racoon/racoon.conf" [snip ...] > Nov 30 21:00:03 dell_xps racoon: DEBUG: pfkey X_SPDDUMP failed: No such > file or directory > ========================================== > > Which file is it complaining about? > > What may be wrong with my set up? I tried setting up a tunnel manually, which did away with the "pfkey X_SPDDUMP failed:" error above, but I can't seem to be able to get a tunnel going. :-( I am using my mobile phone as a modem to connect my laptop via the mobile ISP to a router which is running a VPN gateway. The router has mode_cfg set for roadwarrior's connecting to it: VPN IP pool: 172.16.1.0/24 DNS server: 10.10.10.1 LAN subnet: 10.10.1.0/24 Public IP: xxx.xxx.xxx.xxx Once connected to the Internet via the mobile phone's ISP the laptop has: IP: 10.223.7.66 Gateway: 193.30.166.3 Public IP: yyy.yyy.yyy.yyy I've modified the /etc/ipsec.conf file on the latop: ============================= #!/usr/sbin/setkey -f # Flush SAD and SPD flush; spdflush; #SP for racoon spdadd 10.223.7.0/24 10.10.10.0/24 any -P out ipsec esp/tunnel/0.0.0.0- xxx.xxx.xxx.xxx/require; spdadd 10.10.10.0/24 10.223.7.0/24 any -P in ipsec esp/tunnel/xxx.xxx.xxx.xxx-0.0.0.0/require; ============================= The phase 1 exchange seems to happen without problems, when I try to ping 10.10.10.2, but the tunnel set up at phase 2 is not being completed (I've removed the hashes from the laptop racoon log below): ============================= Dec 2 19:09:40 dell_xps racoon: INFO: @(#)ipsec-tools 0.7.3 (http://ipsec- tools.sourceforge.net) Dec 2 19:09:40 dell_xps racoon: INFO: @(#)This product linked OpenSSL 1.0.0e 6 Sep 2011 (http://www.openssl.org/) Dec 2 19:09:40 dell_xps racoon: INFO: Reading configuration from "/etc/racoon/racoon.conf" Dec 2 19:09:40 dell_xps racoon: DEBUG: call pfkey_send_register for AH Dec 2 19:09:40 dell_xps racoon: DEBUG: call pfkey_send_register for ESP Dec 2 19:09:40 dell_xps racoon: DEBUG: call pfkey_send_register for IPCOMP Dec 2 19:09:40 dell_xps racoon: DEBUG: reading config file /etc/racoon/racoon.conf Dec 2 19:09:40 dell_xps racoon: DEBUG2: lifetime = 28800 Dec 2 19:09:40 dell_xps racoon: DEBUG2: lifebyte = 0 Dec 2 19:09:40 dell_xps racoon: DEBUG2: encklen=256 Dec 2 19:09:40 dell_xps racoon: DEBUG2: p:1 t:1 Dec 2 19:09:40 dell_xps racoon: DEBUG2: AES-CBC(7) Dec 2 19:09:40 dell_xps racoon: DEBUG2: SHA(2) Dec 2 19:09:40 dell_xps racoon: DEBUG2: 1024-bit MODP group(2) Dec 2 19:09:40 dell_xps racoon: DEBUG2: pre-shared key(1) Dec 2 19:09:40 dell_xps racoon: DEBUG2: Dec 2 19:09:40 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:40 dell_xps racoon: DEBUG: compression algorithm can not be checked because sadb message doesn't support it. Dec 2 19:09:40 dell_xps racoon: DEBUG: getsainfo params: loc='ANONYMOUS', rmt='ANONYMOUS', peer='NULL', id=0 Dec 2 19:09:40 dell_xps racoon: DEBUG: getsainfo pass #2 Dec 2 19:09:40 dell_xps racoon: DEBUG2: parse successed. Dec 2 19:09:40 dell_xps racoon: DEBUG: open /var/lib/racoon/racoon.sock as racoon management. Dec 2 19:09:40 dell_xps racoon: DEBUG: my interface: ::1 (lo) Dec 2 19:09:40 dell_xps racoon: DEBUG: my interface: 172.16.1.1 (ppp0) Dec 2 19:09:40 dell_xps racoon: DEBUG: my interface: 10.223.7.66 (ppp0) Dec 2 19:09:40 dell_xps racoon: DEBUG: my interface: 127.0.0.1 (lo) Dec 2 19:09:40 dell_xps racoon: DEBUG: configuring default isakmp port. Dec 2 19:09:40 dell_xps racoon: NOTIFY: NAT-T is enabled, autoconfiguring ports Dec 2 19:09:40 dell_xps racoon: DEBUG: 8 addrs are configured successfully Dec 2 19:09:40 dell_xps racoon: INFO: 127.0.0.1[500] used as isakmp port (fd=7) Dec 2 19:09:40 dell_xps racoon: INFO: 127.0.0.1[500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: 127.0.0.1[4500] used as isakmp port (fd=8) Dec 2 19:09:40 dell_xps racoon: INFO: 127.0.0.1[4500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: 10.223.7.66[500] used as isakmp port (fd=9) Dec 2 19:09:40 dell_xps racoon: INFO: 10.223.7.66[500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: 10.223.7.66[4500] used as isakmp port (fd=10) Dec 2 19:09:40 dell_xps racoon: INFO: 10.223.7.66[4500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: 172.16.1.1[500] used as isakmp port (fd=11) Dec 2 19:09:40 dell_xps racoon: INFO: 172.16.1.1[500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: 172.16.1.1[4500] used as isakmp port (fd=12) Dec 2 19:09:40 dell_xps racoon: INFO: 172.16.1.1[4500] used for NAT-T Dec 2 19:09:40 dell_xps racoon: INFO: ::1[500] used as isakmp port (fd=13) Dec 2 19:09:40 dell_xps racoon: INFO: ::1[4500] used as isakmp port (fd=14) Dec 2 19:09:40 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:40 dell_xps racoon: DEBUG: get pfkey X_SPDDUMP message Dec 2 19:09:40 dell_xps racoon: DEBUG2: Dec 2 19:09:40 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:40 dell_xps racoon: DEBUG: get pfkey X_SPDDUMP message Dec 2 19:09:40 dell_xps racoon: DEBUG2: Dec 2 19:09:40 dell_xps racoon: DEBUG: sub:0x7fff5c6106f0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:09:40 dell_xps racoon: DEBUG: db :0x14ddad0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=fwd Dec 2 19:09:40 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:40 dell_xps racoon: DEBUG: get pfkey X_SPDDUMP message Dec 2 19:09:40 dell_xps racoon: DEBUG2: Dec 2 19:09:40 dell_xps racoon: DEBUG: sub:0x7fff5c6106f0: 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out Dec 2 19:09:40 dell_xps racoon: DEBUG: db :0x14ddad0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=fwd Dec 2 19:09:40 dell_xps racoon: DEBUG: sub:0x7fff5c6106f0: 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out Dec 2 19:09:40 dell_xps racoon: DEBUG: db :0x14dddc0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:09:53 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:53 dell_xps racoon: DEBUG: get pfkey ACQUIRE message Dec 2 19:09:53 dell_xps racoon: DEBUG2: Dec 2 19:09:53 dell_xps racoon: DEBUG: suitable outbound SP found: 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out. Dec 2 19:09:53 dell_xps racoon: DEBUG: sub:0x7fff5c6106a0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:09:53 dell_xps racoon: DEBUG: db :0x14ddad0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=fwd Dec 2 19:09:53 dell_xps racoon: DEBUG: sub:0x7fff5c6106a0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:09:53 dell_xps racoon: DEBUG: db :0x14dddc0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:09:53 dell_xps racoon: DEBUG: suitable inbound SP found: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in. Dec 2 19:09:53 dell_xps racoon: DEBUG: new acquire 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out Dec 2 19:09:53 dell_xps racoon: DEBUG: configuration found for xxx.xxx.xxx.xxx. Dec 2 19:09:53 dell_xps racoon: DEBUG: getsainfo params: loc='10.223.7.0/24', rmt='10.10.10.0/24', peer='NULL', id=0 Dec 2 19:09:53 dell_xps racoon: DEBUG: getsainfo pass #2 Dec 2 19:09:53 dell_xps racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0 Dec 2 19:09:53 dell_xps racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0 Dec 2 19:09:53 dell_xps racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0) Dec 2 19:09:53 dell_xps racoon: DEBUG: (trns_id=AES encklen=256 authtype=hmac-sha) Dec 2 19:09:53 dell_xps racoon: DEBUG: in post_acquire Dec 2 19:09:53 dell_xps racoon: DEBUG: configuration found for xxx.xxx.xxx.xxx. Dec 2 19:09:53 dell_xps racoon: INFO: IPsec-SA request for xxx.xxx.xxx.xxx queued due to no phase1 found. Dec 2 19:09:53 dell_xps racoon: DEBUG: === Dec 2 19:09:53 dell_xps racoon: INFO: initiate new phase 1 negotiation: 10.223.7.66[500]<=>xxx.xxx.xxx.xxx[500] Dec 2 19:09:53 dell_xps racoon: INFO: begin Aggressive mode. Dec 2 19:09:53 dell_xps racoon: DEBUG: new cookie: Dec 2 19:09:53 dell_xps racoon: DEBUG: use ID type of FQDN Dec 2 19:09:53 dell_xps racoon: oakley_dh_generate(MODP1024): 0.005169 Dec 2 19:09:53 dell_xps racoon: DEBUG: compute DH's private. Dec 2 19:09:53 dell_xps racoon: DEBUG: Dec 2 19:09:53 dell_xps racoon: DEBUG: compute DH's public. Dec 2 19:09:53 dell_xps racoon: DEBUG: Dec 2 19:09:53 dell_xps racoon: DEBUG: authmethod is pre-shared key Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 52, next type 4 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 128, next type 10 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 5 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 15, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 20, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 13 Dec 2 19:09:53 dell_xps racoon: DEBUG: add payload of len 16, next type 0 Dec 2 19:09:53 dell_xps racoon: DEBUG: 379 bytes from 10.223.7.66[500] to xxx.xxx.xxx.xxx[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: sockname 10.223.7.66[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: send packet from 10.223.7.66[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: src4 10.223.7.66[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: 1 times of 379 bytes message will be sent to xxx.xxx.xxx.xxx[500] Dec 2 19:09:53 dell_xps racoon: DEBUG: Dec 2 19:09:53 dell_xps racoon: DEBUG: resend phase1 packet 6d07be7205f4f2ae:0000000000000000 Dec 2 19:09:53 dell_xps racoon: phase1(agg I msg1): 0.006186 Dec 2 19:09:54 dell_xps racoon: DEBUG2: CHKPH1THERE: extract_port. Dec 2 19:09:54 dell_xps racoon: DEBUG2: CHKPH1THERE: found a ph1 wop. Dec 2 19:09:54 dell_xps racoon: DEBUG2: CHKPH1THERE: no established ph1 handler found Dec 2 19:09:55 dell_xps racoon: DEBUG2: CHKPH1THERE: extract_port. Dec 2 19:09:55 dell_xps racoon: DEBUG2: CHKPH1THERE: found a ph1 wop. Dec 2 19:09:55 dell_xps racoon: DEBUG2: CHKPH1THERE: no established ph1 handler found Dec 2 19:09:56 dell_xps racoon: DEBUG2: CHKPH1THERE: extract_port. Dec 2 19:09:56 dell_xps racoon: DEBUG2: CHKPH1THERE: found a ph1 wop. Dec 2 19:09:56 dell_xps racoon: DEBUG2: CHKPH1THERE: no established ph1 handler found Dec 2 19:09:57 dell_xps racoon: DEBUG: === Dec 2 19:09:57 dell_xps racoon: DEBUG: 388 bytes message received from xxx.xxx.xxx.xxx[500] to 10.223.7.66[500] Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: begin. Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=1(sa) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=4(ke) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=10(nonce) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=5(id) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=8(hash) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=13(vid) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=130(nat-d) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=130(nat-d) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=130(nat-d) Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=13(vid) Dec 2 19:09:57 dell_xps racoon: DEBUG: succeed. Dec 2 19:09:57 dell_xps racoon: INFO: received Vendor ID: draft-ietf-ipsec- nat-t-ike-02 Dec 2 19:09:57 dell_xps racoon: INFO: received Vendor ID: DPD Dec 2 19:09:57 dell_xps racoon: DEBUG: remote supports DPD Dec 2 19:09:57 dell_xps racoon: DEBUG: total SA len=52 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: begin. Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=2(prop) Dec 2 19:09:57 dell_xps racoon: DEBUG: succeed. Dec 2 19:09:57 dell_xps racoon: DEBUG: proposal #1 len=44 Dec 2 19:09:57 dell_xps racoon: DEBUG: begin. Dec 2 19:09:57 dell_xps racoon: DEBUG: seen nptype=3(trns) Dec 2 19:09:57 dell_xps racoon: DEBUG: succeed. Dec 2 19:09:57 dell_xps racoon: DEBUG: transform #1 len=36 Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=28800 Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256 Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:57 dell_xps racoon: DEBUG: pair 1: Dec 2 19:09:57 dell_xps racoon: DEBUG: 0x14e0b60: next=(nil) tnext=(nil) Dec 2 19:09:57 dell_xps racoon: DEBUG: proposal #1: 1 transform Dec 2 19:09:57 dell_xps racoon: DEBUG: prop#=1, prot-id=ISAKMP, spi-size=0, #trns=1 Dec 2 19:09:57 dell_xps racoon: DEBUG: trns#=1, trns-id=IKE Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Life Type, flag=0x8000, lorv=seconds Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Life Duration, flag=0x8000, lorv=28800 Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Encryption Algorithm, flag=0x8000, lorv=AES-CBC Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Key Length, flag=0x8000, lorv=256 Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Authentication Method, flag=0x8000, lorv=pre-shared key Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Hash Algorithm, flag=0x8000, lorv=SHA Dec 2 19:09:57 dell_xps racoon: DEBUG: type=Group Description, flag=0x8000, lorv=1024-bit MODP group Dec 2 19:09:57 dell_xps racoon: DEBUG: Compared: DB:Peer Dec 2 19:09:57 dell_xps racoon: DEBUG: (lifetime = 28800:28800) Dec 2 19:09:57 dell_xps racoon: DEBUG: (lifebyte = 0:0) Dec 2 19:09:57 dell_xps racoon: DEBUG: enctype = AES-CBC:AES-CBC Dec 2 19:09:57 dell_xps racoon: DEBUG: (encklen = 256:256) Dec 2 19:09:57 dell_xps racoon: DEBUG: hashtype = SHA:SHA Dec 2 19:09:57 dell_xps racoon: DEBUG: authmethod = pre-shared key:pre-shared key Dec 2 19:09:57 dell_xps racoon: DEBUG: dh_group = 1024-bit MODP group:1024- bit MODP group Dec 2 19:09:57 dell_xps racoon: DEBUG: an acceptable proposal found. Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:57 dell_xps racoon: DEBUG: agreed on pre-shared key auth. Dec 2 19:09:57 dell_xps racoon: INFO: Selected NAT-T version: draft-ietf- ipsec-nat-t-ike-02 Dec 2 19:09:57 dell_xps racoon: INFO: Hashing 10.223.7.66[500] with algo #2 Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: INFO: NAT-D payload #-1 doesn't match Dec 2 19:09:57 dell_xps racoon: INFO: Hashing xxx.xxx.xxx.xxx[500] with algo #2 Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: INFO: NAT-D payload #0 verified Dec 2 19:09:57 dell_xps racoon: INFO: Hashing xxx.xxx.xxx.xxx[500] with algo #2 Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: INFO: NAT-D payload #1 doesn't match Dec 2 19:09:57 dell_xps racoon: INFO: NAT detected: ME Dec 2 19:09:57 dell_xps racoon: INFO: KA list add: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: oakley_dh_compute(MODP1024): 0.005667 Dec 2 19:09:57 dell_xps racoon: DEBUG: compute DH's shared. Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: the psk found. Dec 2 19:09:57 dell_xps racoon: DEBUG2: psk: Dec 2 19:09:57 dell_xps racoon: DEBUG2: Dec 2 19:09:57 dell_xps racoon: DEBUG: nonce 1: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: nonce 2: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=24): 0.000027 Dec 2 19:09:57 dell_xps racoon: DEBUG: SKEYID computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=145): 0.000008 Dec 2 19:09:57 dell_xps racoon: DEBUG: SKEYID_d computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000008 Dec 2 19:09:57 dell_xps racoon: DEBUG: SKEYID_a computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=165): 0.000008 Dec 2 19:09:57 dell_xps racoon: DEBUG: SKEYID_e computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: len(SKEYID_e) < len(Ka) (20 < 32), generating long key (Ka = K1 | K2 | ...) Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=1): 0.000014 Dec 2 19:09:57 dell_xps racoon: DEBUG: compute intermediate encryption key K1 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps 00 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=20): 0.000013 Dec 2 19:09:57 dell_xps racoon: DEBUG: compute intermediate encryption key K2 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: final encryption key computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: IV computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH received: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=344): 0.000018 Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH (init) computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH for PSK validated. Dec 2 19:09:57 dell_xps racoon: oakley_validate_auth(pre-shared key): 0.000395 Dec 2 19:09:57 dell_xps racoon: DEBUG: === Dec 2 19:09:57 dell_xps racoon: DEBUG: generate HASH_I Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=339): 0.000019 Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH (init) computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: INFO: Adding remote and local NAT-D payloads. Dec 2 19:09:57 dell_xps racoon: INFO: Hashing xxx.xxx.xxx.xxx[4500] with algo #2 Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: INFO: Hashing 10.223.7.66[4500] with algo #2 Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 20, next type 130 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 20, next type 130 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 20, next type 0 Dec 2 19:09:57 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:09:57 dell_xps racoon: DEBUG: 104 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: 1 times of 104 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: phase1(agg I msg2): 0.008629 Dec 2 19:09:57 dell_xps racoon: phase1(Aggressive): 3.936213 Dec 2 19:09:57 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:09:57 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000015 Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: begin encryption. Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: pad length = 12 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: alg_oakley_encdef_encrypt(aes klen=256 size=64): 0.000065 Dec 2 19:09:57 dell_xps racoon: DEBUG: with key: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encrypted payload by IV: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: save IV for next: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encrypted. Dec 2 19:09:57 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:09:57 dell_xps racoon: DEBUG: 96 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: 1 times of 96 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: sendto Information notify. Dec 2 19:09:57 dell_xps racoon: DEBUG: IV freed Dec 2 19:09:57 dell_xps racoon: INFO: ISAKMP-SA established 10.223.7.66[4500]-xxx.xxx.xxx.xxx[4500] spi:.................................. Dec 2 19:09:57 dell_xps racoon: DEBUG: === Dec 2 19:09:57 dell_xps racoon: DEBUG2: CHKPH1THERE: extract_port. Dec 2 19:09:57 dell_xps racoon: DEBUG2: CHKPH1THERE: found a ph1 wop. Dec 2 19:09:57 dell_xps racoon: DEBUG2: CHKPH1THERE: got a ph1 handler, setting ports. Dec 2 19:09:57 dell_xps racoon: DEBUG2: iph1->local: 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG2: iph1->remote: xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG2: before: Dec 2 19:09:57 dell_xps racoon: DEBUG2: src: 10.223.7.66[0] Dec 2 19:09:57 dell_xps racoon: DEBUG2: dst: xxx.xxx.xxx.xxx[0] Dec 2 19:09:57 dell_xps racoon: DEBUG2: After: Dec 2 19:09:57 dell_xps racoon: DEBUG2: src: 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG2: dst: xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: === Dec 2 19:09:57 dell_xps racoon: DEBUG: begin QUICK mode. Dec 2 19:09:57 dell_xps racoon: INFO: initiate new phase 2 negotiation: 10.223.7.66[4500]<=>xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:09:57 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: call pfkey_send_getspi Dec 2 19:09:57 dell_xps racoon: DEBUG: pfkey GETSPI sent: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] Dec 2 19:09:57 dell_xps racoon: DEBUG: pfkey getspi sent. Dec 2 19:09:57 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:57 dell_xps racoon: DEBUG: get pfkey GETSPI message Dec 2 19:09:57 dell_xps racoon: DEBUG2: Dec 2 19:09:57 dell_xps racoon: DEBUG: pfkey GETSPI succeeded: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] spi=.............................. Dec 2 19:09:57 dell_xps racoon: INFO: NAT detected -> UDP encapsulation (ENC_MODE 1->61443). Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:09:57 dell_xps racoon: oakley_dh_generate(MODP1024): 0.007788 Dec 2 19:09:57 dell_xps racoon: DEBUG: compute DH's private. Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: compute DH's public. Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: use local ID type IPv4_subnet Dec 2 19:09:57 dell_xps racoon: DEBUG: use remote ID type IPv4_subnet Dec 2 19:09:57 dell_xps racoon: DEBUG: IDci: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: IDcr: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 52, next type 10 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 16, next type 4 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 128, next type 5 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 12, next type 5 Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 12, next type 0 Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:57 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=244): 0.000019 Dec 2 19:09:57 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: add payload of len 20, next type 1 Dec 2 19:09:57 dell_xps racoon: DEBUG: begin encryption. Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: DEBUG: pad length = 8 Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:57 dell_xps racoon: alg_oakley_encdef_encrypt(aes klen=256 size=272): 0.000030 Dec 2 19:09:57 dell_xps racoon: DEBUG: with key: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encrypted payload by IV: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: save IV for next: Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: encrypted. Dec 2 19:09:57 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:09:57 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:57 dell_xps racoon: DEBUG: Dec 2 19:09:57 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:09:57 dell_xps racoon: phase2(quick I msg1): 0.009555 Dec 2 19:09:58 dell_xps racoon: DEBUG: === Dec 2 19:09:58 dell_xps racoon: DEBUG: 92 bytes message received from xxx.xxx.xxx.xxx[4500] to 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: receive Information. Dec 2 19:09:58 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:09:58 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: begin decryption. Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: IV was saved for next processing: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: alg_oakley_encdef_decrypt(aes klen=256 size=64): 0.000018 Dec 2 19:09:58 dell_xps racoon: DEBUG: with key: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload by IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload, but not trimed. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: padding len=1 Dec 2 19:09:58 dell_xps racoon: DEBUG: skip to trim padding. Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: IV freed Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:58 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=32): 0.000011 Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hash validated. Dec 2 19:09:58 dell_xps racoon: DEBUG: begin. Dec 2 19:09:58 dell_xps racoon: DEBUG: seen nptype=8(hash) Dec 2 19:09:58 dell_xps racoon: DEBUG: seen nptype=11(notify) Dec 2 19:09:58 dell_xps racoon: DEBUG: succeed. Dec 2 19:09:58 dell_xps racoon: DEBUG: call pfkey_send_dump Dec 2 19:09:58 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:58 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:09:58 dell_xps racoon: DEBUG: === Dec 2 19:09:58 dell_xps racoon: DEBUG: 156 bytes message received from xxx.xxx.xxx.xxx[4500] to 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:09:58 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: begin decryption. Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: IV was saved for next processing: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: alg_oakley_encdef_decrypt(aes klen=256 size=128): 0.000018 Dec 2 19:09:58 dell_xps racoon: DEBUG: with key: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload by IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload, but not trimed. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: padding len=1 Dec 2 19:09:58 dell_xps racoon: DEBUG: skip to trim padding. Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: MODE_CFG packet Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Seen payload 8 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:58 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=105): 0.000011 Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Seen payload 14 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Configuration exchange type mode config SET Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_ADDRESS Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute INTERNAL_IP4_ADDRESS Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_NETMASK Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute INTERNAL_IP4_NETMASK Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_SUBNET Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute INTERNAL_IP4_SUBNET Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_ADDRESS_EXPIRY Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute INTERNAL_ADDRESS_EXPIRY Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_DNS Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute INTERNAL_IP4_DNS Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute SUPPORTED_ATTRIBUTES Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute SUPPORTED_ATTRIBUTES Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute APPLICATION_VERSION Dec 2 19:09:58 dell_xps racoon: DEBUG: Unexpected SET attribute APPLICATION_VERSION Dec 2 19:09:58 dell_xps racoon: DEBUG: Sending MODE_CFG ACK Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:58 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=12): 0.000008 Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: MODE_CFG packet to send Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: begin encryption. Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: pad length = 16 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: alg_oakley_encdef_encrypt(aes klen=256 size=48): 0.000007 Dec 2 19:09:58 dell_xps racoon: DEBUG: with key: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encrypted payload by IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: save IV for next: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encrypted. Dec 2 19:09:58 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:09:58 dell_xps racoon: DEBUG: 80 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: 1 times of 80 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: sendto mode config attr. Dec 2 19:09:58 dell_xps racoon: DEBUG: Sending MODE_CFG REQUEST Dec 2 19:09:58 dell_xps racoon: DEBUG: IV freed Dec 2 19:09:58 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:09:58 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:58 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=52): 0.000008 Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: MODE_CFG packet to send Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: begin encryption. Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: pad length = 8 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: alg_oakley_encdef_encrypt(aes klen=256 size=80): 0.000008 Dec 2 19:09:58 dell_xps racoon: DEBUG: with key: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encrypted payload by IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: save IV for next: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encrypted. Dec 2 19:09:58 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:09:58 dell_xps racoon: DEBUG: 112 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: 1 times of 112 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: sendto mode config attr. Dec 2 19:09:58 dell_xps racoon: DEBUG: === Dec 2 19:09:58 dell_xps racoon: DEBUG: 124 bytes message received from xxx.xxx.xxx.xxx[4500] to 10.223.7.66[4500] Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: begin decryption. Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: DEBUG: IV was saved for next processing: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:09:58 dell_xps racoon: alg_oakley_encdef_decrypt(aes klen=256 size=96): 0.000017 Dec 2 19:09:58 dell_xps racoon: DEBUG: with key: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload by IV: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted payload, but not trimed. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: padding len=1 Dec 2 19:09:58 dell_xps racoon: DEBUG: skip to trim padding. Dec 2 19:09:58 dell_xps racoon: DEBUG: decrypted. Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: MODE_CFG packet Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Seen payload 8 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH with: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps 2e Dec 2 19:09:58 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:09:58 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=65): 0.000013 Dec 2 19:09:58 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Seen payload 14 Dec 2 19:09:58 dell_xps racoon: DEBUG: Dec 2 19:09:58 dell_xps racoon: DEBUG: Configuration exchange type mode config REPLY Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_ADDRESS, len 4 Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_NETMASK, len 4 Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute INTERNAL_IP4_DNS, len 4 Dec 2 19:09:58 dell_xps racoon: DEBUG: Attribute APPLICATION_VERSION, len 25 Dec 2 19:09:58 dell_xps racoon: WARNING: Ignored attribute APPLICATION_VERSION Dec 2 19:10:00 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:00 dell_xps racoon: DEBUG: Dec 2 19:10:00 dell_xps ff Dec 2 19:10:01 dell_xps cron[21322]: (root) CMD (test -x /usr/sbin/run-crons && /usr/sbin/run-crons ) Dec 2 19:10:07 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:07 dell_xps racoon: DEBUG: Dec 2 19:10:07 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:10:17 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:17 dell_xps racoon: DEBUG: Dec 2 19:10:17 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:10:21 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:21 dell_xps racoon: DEBUG: Dec 2 19:10:21 dell_xps ff ^[[ADec 2 19:10:27 dell_xps racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec-SA due to time up to wait. Dec 2 19:10:27 dell_xps racoon: DEBUG: an undead schedule has been deleted. Dec 2 19:10:27 dell_xps racoon: DEBUG: IV freed Dec 2 19:10:27 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:10:27 dell_xps racoon: DEBUG: get pfkey EXPIRE message Dec 2 19:10:27 dell_xps racoon: DEBUG2: Dec 2 19:10:27 dell_xps racoon: INFO: IPsec-SA expired: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] spi=................................ Dec 2 19:10:27 dell_xps racoon: DEBUG: no such a SA found: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] spi=............................... Dec 2 19:10:37 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:10:37 dell_xps racoon: DEBUG: get pfkey ACQUIRE message Dec 2 19:10:37 dell_xps racoon: DEBUG2: Dec 2 19:10:37 dell_xps racoon: DEBUG: suitable outbound SP found: 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out. Dec 2 19:10:37 dell_xps racoon: DEBUG: sub:0x7fff5c6106a0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:10:37 dell_xps racoon: DEBUG: db :0x14ddad0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=fwd Dec 2 19:10:37 dell_xps racoon: DEBUG: sub:0x7fff5c6106a0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:10:37 dell_xps racoon: DEBUG: db :0x14dddc0: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in Dec 2 19:10:37 dell_xps racoon: DEBUG: suitable inbound SP found: 10.10.10.0/24[0] 10.223.7.0/24[0] proto=any dir=in. Dec 2 19:10:37 dell_xps racoon: DEBUG: new acquire 10.223.7.0/24[0] 10.10.10.0/24[0] proto=any dir=out Dec 2 19:10:37 dell_xps racoon: DEBUG: configuration found for xxx.xxx.xxx.xxx. Dec 2 19:10:37 dell_xps racoon: DEBUG: getsainfo params: loc='10.223.7.0/24', rmt='10.10.10.0/24', peer='NULL', id=0 Dec 2 19:10:37 dell_xps racoon: DEBUG: getsainfo pass #2 Dec 2 19:10:37 dell_xps racoon: DEBUG: evaluating sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0 Dec 2 19:10:37 dell_xps racoon: DEBUG: selected sainfo: loc='ANONYMOUS', rmt='ANONYMOUS', peer='ANY', id=0 Dec 2 19:10:37 dell_xps racoon: DEBUG: (proto_id=ESP spisize=4 spi=00000000 spi_p=00000000 encmode=Tunnel reqid=0:0) Dec 2 19:10:37 dell_xps racoon: DEBUG: (trns_id=AES encklen=256 authtype=hmac-sha) Dec 2 19:10:37 dell_xps racoon: DEBUG: in post_acquire Dec 2 19:10:37 dell_xps racoon: DEBUG: configuration found for xxx.xxx.xxx.xxx. Dec 2 19:10:37 dell_xps racoon: DEBUG: begin QUICK mode. Dec 2 19:10:37 dell_xps racoon: DEBUG: === Dec 2 19:10:37 dell_xps racoon: DEBUG: begin QUICK mode. Dec 2 19:10:37 dell_xps racoon: INFO: initiate new phase 2 negotiation: 10.223.7.66[4500]<=>xxx.xxx.xxx[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: compute IV for phase2 Dec 2 19:10:37 dell_xps racoon: DEBUG: phase1 last IV: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: hash(sha1) Dec 2 19:10:37 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:10:37 dell_xps racoon: DEBUG: phase2 IV computed: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: call pfkey_send_getspi Dec 2 19:10:37 dell_xps racoon: DEBUG: pfkey GETSPI sent: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] Dec 2 19:10:37 dell_xps racoon: DEBUG: pfkey getspi sent. Dec 2 19:10:37 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:10:37 dell_xps racoon: DEBUG: get pfkey GETSPI message Dec 2 19:10:37 dell_xps racoon: DEBUG2: Dec 2 19:10:37 dell_xps racoon: DEBUG: pfkey GETSPI succeeded: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] spi=............................... Dec 2 19:10:37 dell_xps racoon: INFO: NAT detected -> UDP encapsulation (ENC_MODE 1->61443). Dec 2 19:10:37 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:10:37 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:10:37 dell_xps racoon: DEBUG: hmac(modp1024) Dec 2 19:10:37 dell_xps racoon: oakley_dh_generate(MODP1024): 0.005298 Dec 2 19:10:37 dell_xps racoon: DEBUG: compute DH's private. Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: compute DH's public. Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: use local ID type IPv4_subnet Dec 2 19:10:37 dell_xps racoon: DEBUG: use remote ID type IPv4_subnet Dec 2 19:10:37 dell_xps racoon: DEBUG: IDci: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: IDcr: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 52, next type 10 Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 16, next type 4 Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 128, next type 5 Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 12, next type 5 Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 12, next type 0 Dec 2 19:10:37 dell_xps racoon: DEBUG: HASH with: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: hmac(hmac_sha1) Dec 2 19:10:37 dell_xps racoon: alg_oakley_hmacdef_one(hmac_sha1 size=244): 0.000013 Dec 2 19:10:37 dell_xps racoon: DEBUG: HASH computed: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: add payload of len 20, next type 1 Dec 2 19:10:37 dell_xps racoon: DEBUG: begin encryption. Dec 2 19:10:37 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:10:37 dell_xps racoon: DEBUG: pad length = 8 Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: encryption(aes) Dec 2 19:10:37 dell_xps racoon: alg_oakley_encdef_encrypt(aes klen=256 size=272): 0.000020 Dec 2 19:10:37 dell_xps racoon: DEBUG: with key: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: encrypted payload by IV: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: save IV for next: Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: encrypted. Dec 2 19:10:37 dell_xps racoon: DEBUG: Adding NON-ESP marker Dec 2 19:10:37 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:37 dell_xps racoon: DEBUG: Dec 2 19:10:37 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:10:37 dell_xps racoon: phase2(quick I msg1): 0.006335 Dec 2 19:10:41 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:41 dell_xps racoon: DEBUG: Dec 2 19:10:41 dell_xps ff Dec 2 19:10:47 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:47 dell_xps racoon: DEBUG: Dec 2 19:10:47 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:10:57 dell_xps racoon: DEBUG: 304 bytes from 10.223.7.66[4500] to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: 1 times of 304 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:10:57 dell_xps racoon: DEBUG: Dec 2 19:10:57 dell_xps racoon: DEBUG: resend phase2 packet Dec 2 19:11:01 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:01 dell_xps racoon: DEBUG: Dec 2 19:11:01 dell_xps ff Dec 2 19:11:07 dell_xps racoon: DEBUG: pk_recv: retry[0] recv() Dec 2 19:11:07 dell_xps racoon: DEBUG: get pfkey EXPIRE message Dec 2 19:11:07 dell_xps racoon: DEBUG2: Dec 2 19:11:07 dell_xps racoon: INFO: IPsec-SA expired: ESP/Tunnel xxx.xxx.xxx.xxx[0]->10.223.7.66[0] spi=........................... Dec 2 19:11:07 dell_xps racoon: WARNING: the expire message is received but the handler has not been established. Dec 2 19:11:07 dell_xps racoon: ERROR: xxx.xxx.xxx.xxx give up to get IPsec- SA due to time up to wait. Dec 2 19:11:07 dell_xps racoon: DEBUG: an undead schedule has been deleted. Dec 2 19:11:07 dell_xps racoon: DEBUG: IV freed Dec 2 19:11:21 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:21 dell_xps racoon: DEBUG: Dec 2 19:11:21 dell_xps ff Dec 2 19:11:41 dell_xps racoon: DEBUG: KA: 10.223.7.66[4500]- >xxx.xxx.xxx.xxx[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: sockname 10.223.7.66[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: send packet from 10.223.7.66[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: send packet to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: src4 10.223.7.66[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: dst4 xxx.xxx.xxx.xxx[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: 1 times of 1 bytes message will be sent to xxx.xxx.xxx.xxx[4500] Dec 2 19:11:41 dell_xps racoon: DEBUG: Dec 2 19:11:41 dell_xps ff ============================= Meanwhile, the router log shows this error: ============================= CRYPTO_IKE.NEGOTIATION Using the IPSec Policy 'VPN 10' specified by the ike remote-id CRYPTO_IPSEC IPSecGetPolicyInfo: SPDMatchPolicy error CRYPTO_IKE.NEGOTIATION The remote ID specified IPSec Policy 'VPN 10', but the selectors did not match CRYPTO_IKE.NEGOTIATION 100: Failed to get policy info from IPSec CRYPTO_IKE.NEGOTIATION peer yyy.yyy.yyy.yyy: IkeQMIdleProcess failed CRYPTO_IKE.NEGOTIATION peer yyy.yyy.yyy.yyy: IkeQMIdleProcess returned failure ============================= The above router error appears just as the laptop's racoon comes up with "WARNING: the expire message is received but the handler has not been established." Can you see any errors in my configuration? What addresses should I be configuring in the /etc/ipsec.conf file? -- Regards, Mick |